None was an overwhelming favourite, Caudill’s analysis said. Password, for example, was used by 0.18 per cent or 780 of the almost half a million accounts hacked.

But password was also at the top of the Top 10 list of base words (a word used with something else, such as numbers, to form a password). Another 1,374 people built their password on a base using the word password, followed by welcome, qwerty, monkey, jesus, love, money, freedom, ninja and sunshine.

Caudill, who blogs about Internet development and security, figured the hacked data came from Associated Content, “a company that Yahoo bought in 2010 and closed in 2011, replacing it with Yahoo Voices.”

Among his other findings, creating a sort of how-to list for junior hackers:

• The most common password length is eight characters (26.9 per cent), followed by six characters and then a near-tie with seven and nine characters.

• One and two characters are rare for a password, as is anything over 17.

• One-third of users stuck to lowercase letters for their passwords and another one-third to only letters, upper and lower case.

• Months were not a common password choice, although May did lure 725 users. But March was the most popular abbreviated month (4,718 users), followed by January (1,007) and May (725).

• The names of days spelled out were rare, but days abbreviated had a lot more fans: 4,428 for mon, 1,237 for sun but only 16 for tues.

• Year of birth might factor in to a lot of Gmail addresses but less so in passwords, apparently. The most popular were 2008 (1,145) and 2009 (1,052). The least popular was 2015 (24).

• Red was the most popular colour (2,201), followed by blue (1,143); indigo was the least popular (35).

• Ten per cent of passwords stuck a single number on the end (most often 1) and 16.63 per cent used two numbers (most often 23).

• The most common three-digit password ending? Yep, 123.

More on thestar.com

We value respectful and thoughtful discussion. Readers are encouraged to flag comments that fail to meet the standards outlined in our
Community Code of Conduct.
For further information, including our legal guidelines, please see our full website
Terms and Conditions.